Am Wed, Feb 22, 2023 at 06:12:29PM +0100 schrieb
davenull@tuxfamily.org:
========= context =========
For the context, I use a Debian 11 laptop for work. When I work
remotely
from home, I have to use a cisco VPN. Good thing is there is
openconnect,
which does work, and in teh case of ym work's VPN, it does wor.
cisco's
spyware/downloaded binry, namely using the --csd-wrapper
/usr/libexec/openconnect/"
[snip]
===== end of context =====
What I want is: setting up /etc/resolv.conf ONLY
- at system startup/initial network connexion.
- when openconnect is executed and connects to work's VPN
- when openconnect is ^C-ed and disconnects from the works VPN
(cleaning
it's mess in the routing table, interfaces, /etc/resolv's and other
netwwork
stuff it might have modified, makes sense)
Here's what I know:
- Whatever process does that seems does what I highly suspect to be
DHCP [1]
requests every now and then. Home's router answers giving it's own
address
as both gateway and DNS resolver. And said process thinks it's OK to
delete
and recreate resolv.conf with the wrong content… breaking everything
work's
related while the VPN is still active
If it is DHCP: You might do a countermeasure in
/etc/dhcp/dhclient.conf. On my system I have an entry as below.
interface "wlp4s0" {
supersede domain-name-servers 127.0.0.1;